Package java.security

Class Signature

java.lang.Object
java.security.SignatureSpi
java.security.Signature
Direct Known Subclasses:
OpenSSLSignature, OpenSSLSignatureRawRSA, SHA1withDSA_SignatureImpl
public abstract class Signature
extends SignatureSpi
Signature is an engine class which is capable of creating and verifying digital signatures, using different algorithms that have been registered with the Security class.
See Also:
SignatureSpi

  • Field Summary

    Fields
    Modifier and Type Field Description
    protected static int SIGN
    Constant that indicates that this Signature instance has been initialized for signing.
    protected int state
    Represents the current state of this Signature.
    protected static int UNINITIALIZED
    Constant that indicates that this Signature instance has not yet been initialized.
    protected static int VERIFY
    Constant that indicates that this Signature instance has been initialized for verification.

    Fields inherited from class java.security.SignatureSpi

    appRandom

  • Constructor Summary

    Constructors
    Modifier Constructor Description
    protected Signature​(String algorithm)
    Constructs a new instance of Signature with the name of the algorithm to use.

  • Method Summary

    Modifier and Type Method Description
    Object clone()
    Creates and returns a copy of this Object.
    String getAlgorithm()
    Returns the name of the algorithm of this Signature.
    static Signature getInstance​(String algorithm)
    Returns a new instance of Signature that utilizes the specified algorithm.
    static Signature getInstance​(String algorithm, String provider)
    Returns a new instance of Signature that utilizes the specified algorithm from the specified provider.
    static Signature getInstance​(String algorithm, Provider provider)
    Returns a new instance of Signature that utilizes the specified algorithm from the specified provider.
    Object getParameter​(String param)
    Deprecated.
    There is no generally accepted parameter naming convention.
    AlgorithmParameters getParameters()
    Returns the AlgorithmParameters of this Signature instance.
    Provider getProvider()
    Returns the provider associated with this Signature.
    void initSign​(PrivateKey privateKey)
    Initializes this Signature instance for signing, using the private key of the identity whose signature is going to be generated.
    void initSign​(PrivateKey privateKey, SecureRandom random)
    Initializes this Signature instance for signing, using the private key of the identity whose signature is going to be generated and the specified source of randomness.
    void initVerify​(Certificate certificate)
    Initializes this Signature instance for signature verification, using the certificate of the identity whose signature is going to be verified.
    void initVerify​(PublicKey publicKey)
    Initializes this Signature instance for signature verification, using the public key of the identity whose signature is going to be verified.
    void setParameter​(String param, Object value)
    Deprecated.
    Use setParameter(AlgorithmParameterSpec) instead.
    void setParameter​(AlgorithmParameterSpec params)
    Sets the specified AlgorithmParameterSpec.
    byte[] sign()
    Generates and returns the signature of all updated data.
    int sign​(byte[] outbuf, int offset, int len)
    Generates and stores the signature of all updated data in the provided byte[] at the specified position with the specified length.
    String toString()
    Returns a string containing a concise, human-readable description of this Signature including its algorithm and its state.
    void update​(byte b)
    Updates the data to be verified or to be signed, using the specified byte.
    void update​(byte[] data)
    Updates the data to be verified or to be signed, using the specified byte[].
    void update​(byte[] data, int off, int len)
    Updates the data to be verified or to be signed, using the given byte[], starting form the specified index for the specified length.
    void update​(ByteBuffer data)
    Updates the data to be verified or to be signed, using the specified ByteBuffer.
    boolean verify​(byte[] signature)
    Indicates whether the given signature can be verified using the public key or a certificate of the signer.
    boolean verify​(byte[] signature, int offset, int length)
    Indicates whether the given signature starting at index offset with length bytes can be verified using the public key or a certificate of the signer.

    Methods inherited from class java.security.SignatureSpi

    engineGetParameter, engineGetParameters, engineInitSign, engineInitSign, engineInitVerify, engineSetParameter, engineSetParameter, engineSign, engineSign, engineUpdate, engineUpdate, engineUpdate, engineVerify, engineVerify

    Methods inherited from class java.lang.Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Field Details

    • UNINITIALIZED

      protected static final int UNINITIALIZED
      Constant that indicates that this Signature instance has not yet been initialized.
      See Also:
      Constant Field Values

    • SIGN

      protected static final int SIGN
      Constant that indicates that this Signature instance has been initialized for signing.
      See Also:
      Constant Field Values

    • VERIFY

      protected static final int VERIFY
      Constant that indicates that this Signature instance has been initialized for verification.
      See Also:
      Constant Field Values

    • state

      protected int state
      Represents the current state of this Signature. The three possible states are UNINITIALIZED, SIGN or VERIFY.

  • Constructor Details

    • Signature

      protected Signature​(String algorithm)
      Constructs a new instance of Signature with the name of the algorithm to use.
      Parameters:
      algorithm - the name of algorithm to use.

  • Method Details

    • getInstance

      public static Signature getInstance​(String algorithm) throws NoSuchAlgorithmException
      Returns a new instance of Signature that utilizes the specified algorithm.
      Parameters:
      algorithm - the name of the algorithm to use.
      Returns:
      a new instance of Signature that utilizes the specified algorithm.
      Throws:
      NoSuchAlgorithmException - if the specified algorithm is not available.
      NullPointerException - if algorithm is null.

    • getInstance

      public static Signature getInstance​(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
      Returns a new instance of Signature that utilizes the specified algorithm from the specified provider.
      Parameters:
      algorithm - the name of the algorithm to use.
      provider - the name of the provider.
      Returns:
      a new instance of Signature that utilizes the specified algorithm from the specified provider.
      Throws:
      NoSuchAlgorithmException - if the specified algorithm is not available.
      NoSuchProviderException - if the specified provider is not available.
      NullPointerException - if algorithm is null.
      IllegalArgumentException - if provider == null || provider.isEmpty()

    • getInstance

      public static Signature getInstance​(String algorithm, Provider provider) throws NoSuchAlgorithmException
      Returns a new instance of Signature that utilizes the specified algorithm from the specified provider.
      Parameters:
      algorithm - the name of the algorithm to use.
      provider - the security provider.
      Returns:
      a new instance of Signature that utilizes the specified algorithm from the specified provider.
      Throws:
      NoSuchAlgorithmException - if the specified algorithm is not available.
      NullPointerException - if algorithm is null.
      IllegalArgumentException - if provider == null

    • getProvider

      public final Provider getProvider()
      Returns the provider associated with this Signature.
      Returns:
      the provider associated with this Signature.

    • getAlgorithm

      public final String getAlgorithm()
      Returns the name of the algorithm of this Signature.
      Returns:
      the name of the algorithm of this Signature.

    • initVerify

      public final void initVerify​(PublicKey publicKey) throws InvalidKeyException
      Initializes this Signature instance for signature verification, using the public key of the identity whose signature is going to be verified.
      Parameters:
      publicKey - the public key.
      Throws:
      InvalidKeyException - if publicKey is not valid.

    • initVerify

      public final void initVerify​(Certificate certificate) throws InvalidKeyException
      Initializes this Signature instance for signature verification, using the certificate of the identity whose signature is going to be verified.

      If the given certificate is an instance of X509Certificate and has a key usage parameter that indicates, that this certificate is not to be used for signing, an InvalidKeyException is thrown.

      Parameters:
      certificate - the certificate used to verify a signature.
      Throws:
      InvalidKeyException - if the publicKey in the certificate is not valid or not to be used for signing.

    • initSign

      public final void initSign​(PrivateKey privateKey) throws InvalidKeyException
      Initializes this Signature instance for signing, using the private key of the identity whose signature is going to be generated.
      Parameters:
      privateKey - the private key.
      Throws:
      InvalidKeyException - if privateKey is not valid.

    • initSign

      public final void initSign​(PrivateKey privateKey, SecureRandom random) throws InvalidKeyException
      Initializes this Signature instance for signing, using the private key of the identity whose signature is going to be generated and the specified source of randomness.
      Parameters:
      privateKey - the private key.
      random - the SecureRandom to use.
      Throws:
      InvalidKeyException - if privateKey is not valid.

    • sign

      public final byte[] sign() throws SignatureException
      Generates and returns the signature of all updated data.

      This Signature instance is reset to the state of its last initialization for signing and thus can be used for another signature from the same identity.

      Returns:
      the signature of all updated data.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • sign

      public final int sign​(byte[] outbuf, int offset, int len) throws SignatureException
      Generates and stores the signature of all updated data in the provided byte[] at the specified position with the specified length.

      This Signature instance is reset to the state of its last initialization for signing and thus can be used for another signature from the same identity.

      Parameters:
      outbuf - the buffer to store the signature.
      offset - the index of the first byte in outbuf to store.
      len - the number of bytes allocated for the signature.
      Returns:
      the number of bytes stored in outbuf.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.
      IllegalArgumentException - if offset or len are not valid in respect to outbuf.

    • verify

      public final boolean verify​(byte[] signature) throws SignatureException
      Indicates whether the given signature can be verified using the public key or a certificate of the signer.

      This Signature instance is reset to the state of its last initialization for verifying and thus can be used to verify another signature of the same signer.

      Parameters:
      signature - the signature to verify.
      Returns:
      true if the signature was verified, false otherwise.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • verify

      public final boolean verify​(byte[] signature, int offset, int length) throws SignatureException
      Indicates whether the given signature starting at index offset with length bytes can be verified using the public key or a certificate of the signer.

      This Signature instance is reset to the state of its last initialization for verifying and thus can be used to verify another signature of the same signer.

      Parameters:
      signature - the byte[] containing the signature to verify.
      offset - the start index in signature of the signature.
      length - the number of bytes allocated for the signature.
      Returns:
      true if the signature was verified, false otherwise.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.
      IllegalArgumentException - if offset or length are not valid in respect to signature.

    • update

      public final void update​(byte b) throws SignatureException
      Updates the data to be verified or to be signed, using the specified byte.
      Parameters:
      b - the byte to update with.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • update

      public final void update​(byte[] data) throws SignatureException
      Updates the data to be verified or to be signed, using the specified byte[].
      Parameters:
      data - the byte array to update with.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • update

      public final void update​(byte[] data, int off, int len) throws SignatureException
      Updates the data to be verified or to be signed, using the given byte[], starting form the specified index for the specified length.
      Parameters:
      data - the byte array to update with.
      off - the start index in data of the data.
      len - the number of bytes to use.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • update

      public final void update​(ByteBuffer data) throws SignatureException
      Updates the data to be verified or to be signed, using the specified ByteBuffer.
      Parameters:
      data - the ByteBuffer to update with.
      Throws:
      SignatureException - if this Signature instance is not initialized properly.

    • toString

      public String toString()
      Returns a string containing a concise, human-readable description of this Signature including its algorithm and its state.
      Overrides:
      toString in class Object
      Returns:
      a printable representation for this Signature.

    • setParameter

      @Deprecated public final void setParameter​(String param, Object value) throws InvalidParameterException
      Deprecated.
      Use setParameter(AlgorithmParameterSpec) instead.
      Sets the specified parameter to the given value.
      Parameters:
      param - the name of the parameter.
      value - the parameter value.
      Throws:
      InvalidParameterException - if the parameter is invalid, already set or is not allowed to be changed.

    • setParameter

      public final void setParameter​(AlgorithmParameterSpec params) throws InvalidAlgorithmParameterException
      Sets the specified AlgorithmParameterSpec.
      Parameters:
      params - the parameter to set.
      Throws:
      InvalidAlgorithmParameterException - if the parameter is invalid, already set or is not allowed to be changed.

    • getParameters

      public final AlgorithmParameters getParameters()
      Returns the AlgorithmParameters of this Signature instance.
      Returns:
      the AlgorithmParameters of this Signature instance, maybe null.

    • getParameter

      @Deprecated public final Object getParameter​(String param) throws InvalidParameterException
      Deprecated.
      There is no generally accepted parameter naming convention.
      Returns the value of the parameter with the specified name.
      Parameters:
      param - the name of the requested parameter value
      Returns:
      the value of the parameter with the specified name, maybe null.
      Throws:
      InvalidParameterException - if param is not a valid parameter for this Signature or an other error occurs.

    • clone

      public Object clone() throws CloneNotSupportedException
      Description copied from class: Object
      Creates and returns a copy of this Object. The default implementation returns a so-called "shallow" copy: It creates a new instance of the same class and then copies the field values (including object references) from this instance to the new instance. A "deep" copy, in contrast, would also recursively clone nested objects. A subclass that needs to implement this kind of cloning should call super.clone() to create the new instance and then create deep copies of the nested, mutable objects.
      Overrides:
      clone in class SignatureSpi
      Returns:
      a copy of this object.
      Throws:
      CloneNotSupportedException - if this object's class does not implement the Cloneable interface.